Digital rights management or DRM refers to technologies that are used to control access to or usage of digital data or hardware that processes digital data. In a computing environment, such as a personal computing environment, DRM protection schemes are typically implemented by a DRM software layer that works in concert with a device's operating system and applications to implement a particular protection scheme. One of the challenges of implementing DRM in many computing environments flows from the open nature of these computing environments. Specifically, many computing devices are open in the sense that a user and others can freely add software and/or hardware to the device. This “openness” can, by its very nature, be susceptible to various threat models which are not present in systems that are considered closed—such as set top boxes or other sealed hardware devices.
Another of the challenges with implementing DRM in various computing environments, particularly open environments, flows from the nature of how protections are implemented. Specifically, in many systems, various DRM protection schemes rely on software enforced boundaries to protect content. That is, all of the executable software that can touch protected content (such as audio/visual content) has to operate within a defined boundary where trust is specified, and it has to perform in a prescribed and specified way. Yet, hostile threat models can be employed by nefarious individuals to try to modify the behavior inside the trust boundary to circumvent DRM protection. Specifically, software code can be injected at various levels within a system's software stack, e.g. at the operating system level, DRM infrastructure level and/or application level, to attempt to modify the behavior of the stack and thus try to change DRM properties.